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Sir: 

PRE-APPEAL BRIEF REQUEST FOR REVIEW 

Applicant requests a pre-appeal brief review of the rejections in the Final Office 
Action mailed on April 4, 2006. This Request is being filed concurrently with a Notice of 
Appeal, in accordance with the Official Gazette Notice of July 12, 2005. 

This Pre-Appeal Brief request for review follows the Examiner's Advisory Action 
mailed July 11, 2006. 
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Claims 1-36 remain pending, with claims 1-36 being the subject of this 
Pre-Appeal Brief request for review. In the Final Office Action, the Examiner rejected 
claims 1-36 under 35 U.S.C. § 103(a) as being obvious over U.S. Patent No. 5,590,199 
to Krajewski, Jr. et al. ("Krajewskf) in view of U.S. Patent No. 5,005,200 to Fischer 
( u Fischer). 

The Examiner's rejection contains clear errors in the form of inconsistencies in 
the application of the prior art to Applicant's claims. 

Claim 1 recites a combination including, for example, 

A method of enhancing the security of a message sent by a 
principal from a client computer through a network server to a destination 
server, comprising the steps of: 

obtaining by the client computer credentials for authorizing the 
principal from a validation center ; 

establishing a first secure connection for exchanging data between 
the client and the network server: 

transmitting from the client computer to the network server over the 
first secure connection the principal-authenticating credentials and the 
message; 

transmitting the principal-authenticating credentials from the 
network server to the validation center; 

transmitting permission data for the network server from the 
validation center to the network server based on the principal- 
authenticating credentials; 

verifying the authorization of the principal in the network server to 
access a digital certificate and issuing a digital certificate to the network 
server; 

establishing a second secure connection for exchanging data 
between the network server and the destination server based on the 
digital certificate; and 

transmitting the message from the network server to the destination 
server over the second secure connection 
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(emphasis added). The cited references, alone or in combination, do not teach 

at least the claimed client computer, network computer, validation center, and 

destination server. 

Krajewski teaches an untrusted workstation 14 used as a client, a service 20 
(referred interchangeably as a computer, network, and system server/service), and a 
Kerberos authorization server (KAS) 32 (Krajewski Fig. 3 and col. 5, lines 46-54). 
Service 20 executes a program referred to as "server Kerberos" that interacts with KAS 
32 (Krajewski Fig. 4, col. 5 lines 39-45). The untrusted workstation 14 performs some 
authentication processing using a locally available smart card 30. 

The Examiner's position is difficult to decipher. Consider first the non-final Office 
Action mailed August 9, 2005. Referring to the claim language "transmitting the 
principal authenticating credentials from the network server to the validation center," the 
Examiner cites portions of Krajewski disclosing transferring a ticket from the client to the 
smart card 30 (non-Final Office Action p. 3 U 2 line 6 - p. 4 line 2), seeming to allege 
that the smart card 30 corresponds to the claimed network server. However, in the text 
accompanying the citation, the Examiner appears to indicate that the service 20, and 
not the smart card 30, corresponds to the claimed network server. At the end of this 
very same paragraph, the Examiner appears to equate the service 20 with the claimed 
destination server (non-Final Office Action page 4, lines 11-13). 

In response to the Examiner's inconsistent mapping of devices in Krajewski to 
the claimed network and destination servers, Applicant requested that the Examiner 
provide some reasonable structure to his position, by setting forth the correlation 
between devices in Krajewski with the claimed client computer, network server, 
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destination server, and validation center, in tabular form (Reply to Office Action mailed 

Jan. 10, 2006, page 1 1 lines 26-28). Applicant notes that the Examiner did not do so, 

and submits that this is likely because such a table would be impossible to construct 

without coming to the conclusion that Krajewski simply fails to teach the claimed client 

computer, network server, destination server, and validation center of claim 1 . 

In the Final Office Action mailed April 4, 2006, the Examiner again failed to 
provide a coherent explanation of how the devices in Krajewski correspond to the 
claimed network and destination server. In response to Applicant's arguments, the 
Examiner appears to reassert that the service 20 corresponds to the claimed network 
server, but then asserts that the server Kerberos corresponds to the claimed destination 
server (Final Office Action p. 2 U 4, lines 11-12). Note that claim 1 recites "exchanging 
data between the network server and the destination server based on the digital 
certificate," but Krajewski clearly shows the server Kerberos located on the service 20 
(see Fig. 4). The Examiner's mapping appears to assert the unusual position that the 
service 20 uses a digital certificate in order to communicate with its own software. 

In an Advisory Action dated July 1 1 , 2006, the Examiner appeared to retreat from 
his position that server Kerberos constitutes the claimed destination server, instead 
alleging only that Fischer discloses the claimed destination server. However, note that 
in both the non-Final and Final Office Actions, the Examiner relied on FischerXo teach 
the claimed digital certificate, not the destination server. If the Examiner's position is 
now that Krajewski does not teach the claimed destination server, but rather Fischer 
does so, Applicant has not had an opportunity to address this position. 
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In sum, the Examiner has made a number of inconsistent allegations to support 
the Examiner's position that Krajewski teaches each of the claimed client computer, 
network computer, validation center, and destination server. At various times the 
Examiner has alleged that service 20 corresponds to both the claimed network or 
destination server, has alleged that the smart card 30 corresponds to the claimed 
network server, and has alleged that the server Kerberos corresponds to the claimed 
destination server. Finally, in the Advisory Action, the Examiner appears to indicate that 
Fischer, and not Krajewski, teaches the claimed destination server. 

In light of the inconsistent application of the teachings of the prior art, Applicant 
submits that the Examiner's position, as articulated in the Office Actions and Advisory 
Action, cannot reasonably be read to approximate a prima facie case of obviousness. 
Applicant requests that the board of examiners withdraw the rejection. 

Please grant any extensions of time required to enter this response and charge 
any additional required fees to our deposit account 06-0916. 



Respectfully submitted, 



FINNEGAN, HENDERSON, FARABOW, 
GARRETT & DUNNER, LLP. 



Dated: August^., 2006 




Jeffrey A. Berkowitz 
Reg. No. 36,743 
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